Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/6jUnw4ABLZRGWLZ3VvsECujZOn8.roa
File: 6jUnw4ABLZRGWLZ3VvsECujZOn8.roa (raw, json)
Hash identifier: 80lSH+cuu92XEp7oB7l+5noYKD/CLX9ilJo36guu33A=
Subject key identifier: EA:35:27:C3:80:01:2D:94:46:58:B6:77:56:FB:04:0A:E8:D9:3A:7F
Certificate issuer: /CN=ce1c5bea595d890f21307c1b336519fb0edc089c
Certificate serial: 01942747D61BED7D232F2C93871370C2D3DD
Authority key identifier: CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/6jUnw4ABLZRGWLZ3VvsECujZOn8.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49605
IP address blocks: 31.13.136.0/21 maxlen: 21
185.8.148.0/22 maxlen: 22
185.87.240.0/22 maxlen: 22
217.112.96.0/20 maxlen: 20
2a02:e50::/32 maxlen: 32
2a05:c6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d6:1b:ed:7d:23:2f:2c:93:87:13:70:c2:d3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce1c5bea595d890f21307c1b336519fb0edc089c
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea3527c380012d944658b67756fb040ae8d93a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:92:dc:3e:40:bd:ec:72:0d:0d:e7:4b:03:
4e:2f:8a:c4:0f:37:cb:52:e2:26:7c:53:57:4a:47:
71:61:af:f0:6b:0b:cc:2e:67:15:91:a4:1a:14:55:
e6:88:46:61:ef:95:3e:f0:4f:93:f6:66:e9:a3:81:
69:8c:11:09:ab:95:63:50:95:69:0c:52:54:b9:5f:
39:13:cd:ca:11:f5:06:f6:9e:4d:69:eb:a4:a0:38:
f4:fa:d7:4f:af:75:c0:87:15:de:98:50:ba:2e:24:
64:e6:89:60:d4:b6:e1:46:21:61:c2:e3:1f:88:8b:
ec:88:f5:77:40:88:58:34:4f:25:ae:e0:ee:88:72:
2e:42:5a:35:85:f4:62:97:60:55:a2:a7:b9:19:77:
0e:52:1a:0b:cc:6b:3f:c7:08:9c:0c:8f:3e:07:a0:
e5:79:0e:ba:58:fe:bd:b9:88:08:78:d9:b4:88:20:
7a:c6:ad:8e:7a:cf:75:49:85:05:65:0f:01:17:4a:
f3:1b:08:d9:c5:6d:ee:65:e9:dd:ba:e9:b7:c1:28:
46:82:14:89:b4:7e:d0:83:52:08:70:bd:e7:b2:9a:
35:1b:82:5d:b6:3d:29:2c:5d:3e:d0:cc:f6:f3:0b:
e1:ac:9a:d2:39:8e:3b:d1:f2:e9:6d:85:4c:04:d6:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:35:27:C3:80:01:2D:94:46:58:B6:77:56:FB:04:0A:E8:D9:3A:7F
X509v3 Authority Key Identifier:
keyid:CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/6jUnw4ABLZRGWLZ3VvsECujZOn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.136.0/21
185.8.148.0/22
185.87.240.0/22
217.112.96.0/20
IPv6:
2a02:e50::/32
2a05:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:a5:40:1e:5c:aa:69:e7:2c:97:f9:91:34:0b:18:5c:48:95:
ff:29:4b:25:a6:7a:1f:9f:bf:a0:8e:36:e6:a0:56:0c:8d:57:
9c:1f:ba:ec:fa:32:99:66:f3:03:b0:db:f0:06:3c:48:e5:ee:
da:1b:0e:92:96:f5:76:b6:70:ee:41:78:bd:24:bf:20:3f:94:
d5:02:fe:67:a6:39:fe:0f:8f:e6:c7:6c:6c:ce:80:e8:e8:55:
c7:f0:35:de:d2:5b:56:26:6a:4a:01:bd:79:f8:da:5a:a5:0a:
e9:45:aa:c6:67:50:40:01:ab:b8:97:0d:63:b5:1d:e3:60:bc:
ad:ce:53:e5:eb:6a:07:19:28:48:e0:6c:a0:e8:35:c0:e3:e7:
d0:fa:30:95:6b:e4:48:32:72:1b:04:68:48:f7:12:b2:ec:dc:
71:9b:e7:2c:6d:9b:19:73:9d:88:eb:af:49:59:7d:5f:fa:b5:
64:f6:e9:ac:04:3f:21:72:28:12:ab:37:7b:f0:0d:cc:b6:c1:
3f:7a:57:8a:e4:44:b4:a4:7a:e8:59:d0:0b:1a:a0:e7:a3:37:
c4:0d:87:fb:07:14:1d:85:7e:69:70:9e:82:f7:60:ec:fe:b1:
7e:3a:6d:31:b3:6e:4c:56:72:14:9a:a2:bb:b9:4d:c4:3d:2e:
3f:c1:e8:8e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQnR9Yb7X0jLyyThxNwwtPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMWM1YmVhNTk1ZDg5MGYyMTMwN2MxYjMzNjUxOWZiMGVk
YzA4OWMwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTM1MjdjMzgwMDEyZDk0NDY1OGI2Nzc1NmZiMDQwYWU4ZDkzYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofKS3D5AvexyDQ3nSwNOL4rEDzfL
UuImfFNXSkdxYa/wawvMLmcVkaQaFFXmiEZh75U+8E+T9mbpo4FpjBEJq5VjUJVp
DFJUuV85E83KEfUG9p5NaeukoDj0+tdPr3XAhxXemFC6LiRk5olg1LbhRiFhwuMf
iIvsiPV3QIhYNE8lruDuiHIuQlo1hfRil2BVoqe5GXcOUhoLzGs/xwicDI8+B6Dl
eQ66WP69uYgIeNm0iCB6xq2Oes91SYUFZQ8BF0rzGwjZxW3uZenduum3wShGghSJ
tH7Qg1IIcL3nspo1G4Jdtj0pLF0+0Mz28wvhrJrSOY470fLpbYVMBNYyNQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOo1J8OAAS2URli2d1b7BAro2Tp/MB8GA1UdIwQY
MBaAFM4cW+pZXYkPITB8GzNlGfsO3AicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemh4YjZsbGRpUThoTUh3Yk0yVVotdzdjQ0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MjI1NmQtYjg3NS00NzYyLWI3NDMt
MDViMTVmNWVlOGMzLzEvNmpVbnc0QUJMWlJHV0xaM1Z2c0VDdWpaT244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MjI1NmQtYjg3NS00NzYyLWI3NDMtMDViMTVmNWVlOGMz
LzEvemh4YjZsbGRpUThoTUh3Yk0yVVotdzdjQ0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDHw2IAwQC
uQiUAwQCuVfwAwQE2XBgMBQEAgACMA4DBQAqAg5QAwUDKgXGwDANBgkqhkiG9w0B
AQsFAAOCAQEAW6VAHlyqaecsl/mRNAsYXEiV/ylLJaZ6H5+/oI425qBWDI1XnB+6
7PoymWbzA7Db8AY8SOXu2hsOkpb1drZw7kF4vSS/ID+U1QL+Z6Y5/g+P5sdsbM6A
6OhVx/A13tJbViZqSgG9efjaWqUK6UWqxmdQQAGruJcNY7Ud42C8rc5T5etqBxko
SOBsoOg1wOPn0PowlWvkSDJyGwRoSPcSsuzccZvnLG2bGXOdiOuvSVl9X/q1ZPbp
rAQ/IXIoEqs3e/ANzLbBP3pXiuREtKR66FnQCxqg56M3xA2H+wcUHYV+aXCegvdg
7P6xfjptMbNuTFZyFJqiu7lNxD0uP8Hojg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:38 2025 by rpki-client